1 files changed, 2 insertions, 85 deletions
diff --git a/src/lib/libssl/src/apps/s_server.c b/src/lib/libssl/src/apps/s_server.c
index 61eb667c38..1f80a8f7d9 100644
--- a/src/lib/libssl/src/apps/s_server.c
+++ b/src/lib/libssl/src/apps/s_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s_server.c,v 1.54 2014/06/28 04:39:41 deraadt Exp $ */
+/* $OpenBSD: s_server.c,v 1.55 2014/07/09 20:59:41 tedu Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -554,11 +554,7 @@ cert_status_cb(SSL * s, void *arg)
        STACK_OF(X509_EXTENSION) * exts;
        int ret = SSL_TLSEXT_ERR_NOACK;
        int i;
-#if 0
-        STACK_OF(OCSP_RESPID) * ids;
-        SSL_get_tlsext_status_ids(s, &ids);
-        BIO_printf(err, "cert_status: received %d ids\n", sk_OCSP_RESPID_num(ids));
-#endif
        if (srctx->verbose)
                BIO_puts(err, "cert_status: callback called\n");
        /* Build up OCSP query from server certificate */
@@ -1184,17 +1180,6 @@ bad:
                SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles);
 #endif
-#if 0
-        if (cipher == NULL)
-                cipher = getenv("SSL_CIPHER");
-#endif
-#if 0
-        if (s_cert_file == NULL) {
-                BIO_printf(bio_err, "You must specify a certificate file for the server to use\n");
-                goto end;
-        }
-#endif
        if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) ||
            (!SSL_CTX_set_default_verify_paths(ctx))) {
@@ -1352,7 +1337,6 @@ bad:
                        goto end;
        }
 #ifndef OPENSSL_NO_RSA
-#if 1
        if (!no_tmp_rsa) {
                SSL_CTX_set_tmp_rsa_callback(ctx, tmp_rsa_cb);
 #ifndef OPENSSL_NO_TLSEXT
@@ -1360,31 +1344,6 @@ bad:
                        SSL_CTX_set_tmp_rsa_callback(ctx2, tmp_rsa_cb);
 #endif
        }
-#else
-        if (!no_tmp_rsa && SSL_CTX_need_tmp_RSA(ctx)) {
-                RSA *rsa;
-                BIO_printf(bio_s_out, "Generating temp (512 bit) RSA key...");
-                BIO_flush(bio_s_out);
-                rsa = RSA_generate_key(512, RSA_F4, NULL);
-                if (!SSL_CTX_set_tmp_rsa(ctx, rsa)) {
-                        ERR_print_errors(bio_err);
-                        goto end;
-                }
-#ifndef OPENSSL_NO_TLSEXT
-                if (ctx2) {
-                        if (!SSL_CTX_set_tmp_rsa(ctx2, rsa)) {
-                                ERR_print_errors(bio_err);
-                                goto end;
-                        }
-                }
-#endif
-                RSA_free(rsa);
-                BIO_printf(bio_s_out, "\n");
-        }
-#endif
 #endif
 #ifndef OPENSSL_NO_PSK
@@ -1795,11 +1754,7 @@ sv_body(char *hostname, int s, unsigned char *context)
 err:
        if (con != NULL) {
                BIO_printf(bio_s_out, "shutting down SSL\n");
-#if 1
                SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
-#else
-                SSL_shutdown(con);
-#endif
                SSL_free(con);
        }
        BIO_printf(bio_s_out, "CONNECTION CLOSED\n");
@@ -1938,28 +1893,6 @@ err:
 }
 #endif
-#if 0
-static int 
-load_CA(SSL_CTX * ctx, char *file)
-{
-        FILE *in;
-        X509 *x = NULL;
-        if ((in = fopen(file, "r")) == NULL)
-                return (0);
-        for (;;) {
-                if (PEM_read_X509(in, &x, NULL) == NULL)
-                        break;
-                SSL_CTX_add_client_CA(ctx, x);
-        }
-        if (x != NULL)
-                X509_free(x);
-        fclose(in);
-        return (1);
-}
-#endif
 static int 
 www_body(char *hostname, int s, unsigned char *context)
 {
@@ -2188,21 +2121,11 @@ www_body(char *hostname, int s, unsigned char *context)
                                BIO_printf(io, "'%s' is an invalid path\r\n", p);
                                break;
                        }
-#if 0
-                        /* append if a directory lookup */
-                        if (e[-1] == '/')
-                                strcat(p, "index.html");
-#endif
                        /* if a directory, do the index thang */
                        if (app_isdir(p) > 0) {
-#if 0                           /* must check buffer size */
-                                strcat(p, "/index.html");
-#else
                                BIO_puts(io, text);
                                BIO_printf(io, "'%s' is a directory\r\n", p);
                                break;
-#endif
                        }
                        if ((file = BIO_new_file(p, "r")) == NULL) {
                                BIO_puts(io, text);
@@ -2274,14 +2197,8 @@ www_body(char *hostname, int s, unsigned char *context)
                        break;
        }
 end:
-#if 1
        /* make sure we re-use sessions */
        SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
-#else
-        /* This kills performance */
-/*      SSL_shutdown(con); A shutdown gets sent in the
- *      BIO_free_all(io) procession */
-#endif
 err:

diff --git a/src/lib/libssl/src/apps/s_server.c b/src/lib/libssl/src/apps/s_server.c index 61eb667c38..1f80a8f7d9 100644 --- a/src/lib/libssl/src/apps/s_server.c +++ b/src/lib/libssl/src/apps/s_server.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s_server.c,v 1.54 2014/06/28 04:39:41 deraadt Exp $ */	1	/* $OpenBSD: s_server.c,v 1.55 2014/07/09 20:59:41 tedu Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -554,11 +554,7 @@ cert_status_cb(SSL * s, void *arg)
554	STACK_OF(X509_EXTENSION) * exts;	554	STACK_OF(X509_EXTENSION) * exts;
555	int ret = SSL_TLSEXT_ERR_NOACK;	555	int ret = SSL_TLSEXT_ERR_NOACK;
556	int i;	556	int i;
557	#if 0	557
558	STACK_OF(OCSP_RESPID) * ids;
559	SSL_get_tlsext_status_ids(s, &ids);
560	BIO_printf(err, "cert_status: received %d ids\n", sk_OCSP_RESPID_num(ids));
561	#endif
562	if (srctx->verbose)	558	if (srctx->verbose)
563	BIO_puts(err, "cert_status: callback called\n");	559	BIO_puts(err, "cert_status: callback called\n");
564	/* Build up OCSP query from server certificate */	560	/* Build up OCSP query from server certificate */
@@ -1184,17 +1180,6 @@ bad:
1184	SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles);	1180	SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles);
1185	#endif	1181	#endif
1186		1182
1187	#if 0
1188	if (cipher == NULL)
1189	cipher = getenv("SSL_CIPHER");
1190	#endif
1191
1192	#if 0
1193	if (s_cert_file == NULL) {
1194	BIO_printf(bio_err, "You must specify a certificate file for the server to use\n");
1195	goto end;
1196	}
1197	#endif
1198		1183
1199	if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) \|\|	1184	if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) \|\|
1200	(!SSL_CTX_set_default_verify_paths(ctx))) {	1185	(!SSL_CTX_set_default_verify_paths(ctx))) {
@@ -1352,7 +1337,6 @@ bad:
1352	goto end;	1337	goto end;
1353	}	1338	}
1354	#ifndef OPENSSL_NO_RSA	1339	#ifndef OPENSSL_NO_RSA
1355	#if 1
1356	if (!no_tmp_rsa) {	1340	if (!no_tmp_rsa) {
1357	SSL_CTX_set_tmp_rsa_callback(ctx, tmp_rsa_cb);	1341	SSL_CTX_set_tmp_rsa_callback(ctx, tmp_rsa_cb);
1358	#ifndef OPENSSL_NO_TLSEXT	1342	#ifndef OPENSSL_NO_TLSEXT
@@ -1360,31 +1344,6 @@ bad:
1360	SSL_CTX_set_tmp_rsa_callback(ctx2, tmp_rsa_cb);	1344	SSL_CTX_set_tmp_rsa_callback(ctx2, tmp_rsa_cb);
1361	#endif	1345	#endif
1362	}	1346	}
1363	#else
1364	if (!no_tmp_rsa && SSL_CTX_need_tmp_RSA(ctx)) {
1365	RSA *rsa;
1366
1367	BIO_printf(bio_s_out, "Generating temp (512 bit) RSA key...");
1368	BIO_flush(bio_s_out);
1369
1370	rsa = RSA_generate_key(512, RSA_F4, NULL);
1371
1372	if (!SSL_CTX_set_tmp_rsa(ctx, rsa)) {
1373	ERR_print_errors(bio_err);
1374	goto end;
1375	}
1376	#ifndef OPENSSL_NO_TLSEXT
1377	if (ctx2) {
1378	if (!SSL_CTX_set_tmp_rsa(ctx2, rsa)) {
1379	ERR_print_errors(bio_err);
1380	goto end;
1381	}
1382	}
1383	#endif
1384	RSA_free(rsa);
1385	BIO_printf(bio_s_out, "\n");
1386	}
1387	#endif
1388	#endif	1347	#endif
1389		1348
1390	#ifndef OPENSSL_NO_PSK	1349	#ifndef OPENSSL_NO_PSK
@@ -1795,11 +1754,7 @@ sv_body(char hostname, int s, unsigned char context)
1795	err:	1754	err:
1796	if (con != NULL) {	1755	if (con != NULL) {
1797	BIO_printf(bio_s_out, "shutting down SSL\n");	1756	BIO_printf(bio_s_out, "shutting down SSL\n");
1798	#if 1
1799	SSL_set_shutdown(con, SSL_SENT_SHUTDOWN \| SSL_RECEIVED_SHUTDOWN);	1757	SSL_set_shutdown(con, SSL_SENT_SHUTDOWN \| SSL_RECEIVED_SHUTDOWN);
1800	#else
1801	SSL_shutdown(con);
1802	#endif
1803	SSL_free(con);	1758	SSL_free(con);
1804	}	1759	}
1805	BIO_printf(bio_s_out, "CONNECTION CLOSED\n");	1760	BIO_printf(bio_s_out, "CONNECTION CLOSED\n");
@@ -1938,28 +1893,6 @@ err:
1938	}	1893	}
1939	#endif	1894	#endif
1940		1895
1941	#if 0
1942	static int
1943	load_CA(SSL_CTX * ctx, char *file)
1944	{
1945	FILE *in;
1946	X509 *x = NULL;
1947
1948	if ((in = fopen(file, "r")) == NULL)
1949	return (0);
1950
1951	for (;;) {
1952	if (PEM_read_X509(in, &x, NULL) == NULL)
1953	break;
1954	SSL_CTX_add_client_CA(ctx, x);
1955	}
1956	if (x != NULL)
1957	X509_free(x);
1958	fclose(in);
1959	return (1);
1960	}
1961	#endif
1962
1963	static int	1896	static int
1964	www_body(char hostname, int s, unsigned char context)	1897	www_body(char hostname, int s, unsigned char context)
1965	{	1898	{
@@ -2188,21 +2121,11 @@ www_body(char hostname, int s, unsigned char context)
2188	BIO_printf(io, "'%s' is an invalid path\r\n", p);	2121	BIO_printf(io, "'%s' is an invalid path\r\n", p);
2189	break;	2122	break;
2190	}	2123	}
2191	#if 0
2192	/* append if a directory lookup */
2193	if (e[-1] == '/')
2194	strcat(p, "index.html");
2195	#endif
2196
2197	/* if a directory, do the index thang */	2124	/* if a directory, do the index thang */
2198	if (app_isdir(p) > 0) {	2125	if (app_isdir(p) > 0) {
2199	#if 0 /* must check buffer size */
2200	strcat(p, "/index.html");
2201	#else
2202	BIO_puts(io, text);	2126	BIO_puts(io, text);
2203	BIO_printf(io, "'%s' is a directory\r\n", p);	2127	BIO_printf(io, "'%s' is a directory\r\n", p);
2204	break;	2128	break;
2205	#endif
2206	}	2129	}
2207	if ((file = BIO_new_file(p, "r")) == NULL) {	2130	if ((file = BIO_new_file(p, "r")) == NULL) {
2208	BIO_puts(io, text);	2131	BIO_puts(io, text);
@@ -2274,14 +2197,8 @@ www_body(char hostname, int s, unsigned char context)
2274	break;	2197	break;
2275	}	2198	}
2276	end:	2199	end:
2277	#if 1
2278	/* make sure we re-use sessions */	2200	/* make sure we re-use sessions */
2279	SSL_set_shutdown(con, SSL_SENT_SHUTDOWN \| SSL_RECEIVED_SHUTDOWN);	2201	SSL_set_shutdown(con, SSL_SENT_SHUTDOWN \| SSL_RECEIVED_SHUTDOWN);
2280	#else
2281	/* This kills performance */
2282	/* SSL_shutdown(con); A shutdown gets sent in the
2283	* BIO_free_all(io) procession */
2284	#endif
2285		2202
2286	err:	2203	err:
2287		2204